<?php
session_start();
include_once 'conn.php';
$action = $_POST['action'];
if($action){
    $sql = "select * from userinfo where username = '".$_POST['username']."'";
}
else{
    $sql = "select * from userinfo where username = '".$_POST['username']."' and pw = '".md5($_POST['pw'])."'";
}
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result)){
    $a['error'] = 0;
    $_SESSION['username'] = $_POST['username'];
    $info = mysqli_fetch_array($result);
    $_SESSION['isAdmin'] = $info['admin'];
    $_SESSION['userID'] = $info['id'];
}
else{
    $a['error'] = 1;
    $a['errMsg'] = '错误的用户名或密码!';
}
echo json_encode($a);
